Google Chrome öffnet selbstständig Tabs und Fenster, auch wenn Browser geschlossen

derhalma123 · 20.08.2014, 14:54

Hi, habe seit einigen Wochen folgendes Problem : Google Chrome öffnet nach kurzer Betriebszeit des PCs selbstständig neue Tabs und Fenster ( selbst wenn der Browser vorher nicht verwendet wurde ), was das normale Surfen im Internet unerträglich macht. Ich habe mich bereits im Forum belesen, bin dann aber zu dem Schluss gekommen der Bitte, jedes Problem separat zu lösen, weil jede Infektion anders sei, nachgekommen. Ich brauche in der Sache dringend Hilfe, weiß nicht mehr was ich machen soll

Liebe Grüße

der halma

cosinus · 20.08.2014, 15:14

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

derhalma123 · 20.08.2014, 15:43

Danke für die schnelle Antwort

Scans mit Avira waren leider ergebnislos, ich erhalte immer nur die Meldung dass mein PC "geschützt ist"

Hier die Logs von FRST :

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-08-2014
Ran by Max (administrator) on MAXPC on 20-08-2014 16:28:10
Running from C:\Users\Max\Downloads
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(cake bake) C:\Program Files\WBDesktop.Updater.1.0.0.16.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
() C:\Users\Max\AppData\Local\fst_de_80\upfst_de_80.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
( ) C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
() C:\Program Files\ToggleMark\bin\utilToggleMark.exe
() C:\Program Files\ToggleMark\bin\ToggleMark.PurBrowse.exe
() C:\Program Files\ToggleMark\updateToggleMark.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\ToggleMark\bin\ToggleMark.BrowserAdapter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2013-01-31] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2013-01-31] (Saitek)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [Iminent] => C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"                                                                                    
HKLM\...\Run: [IminentMessenger] => C:\Program Files\Iminent\Iminent.Messengers.exe                                                
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Adobe Update] => C:\ProgramData\Adobe\Color.vbs [103 2013-12-11] ()
HKLM\...\Run: [fst_de_37] => [X]
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\RunOnce: [upfst_de_80.exe] => C:\Users\Max\AppData\Local\fst_de_80\upfst_de_80.exe [5768672 2014-07-03] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-19] (Microsoft Corporation)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Google Update] => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-10] (Google Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [963984 2012-11-10] (BitTorrent, Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Facebook Update] => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-14] (Facebook Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1804648 2011-06-08] (Hewlett-Packard Co.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Max\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1753280 2014-07-12] (Valve Corporation)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurf] => C:\Program Files\v04BlockAndSurf\BlockAndSurf.exe [130560 2014-07-15] ()
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurfC] => C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe [2343936 2014-07-15] ( )
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\MountPoints2: {e1b8273b-2b6d-11e2-aa30-a7f40ee6de8f} - E:\pushinst.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\PROGRA~2\SupTab\SEARCH~1.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:14312;https=127.0.0.1:14312
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfaNUPyB8Jfk-FflQlZ-VsZPeKL-S5mVhf2Ht0mP_WC1CVShFDA72ue264my7QSkJXuMOa1GRFglFz2LCZMfA7hM5fI3E15Zm3F
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x416DF7617EBFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=119776&babsrc=HP_ss_din2g&mntrId=B88F902B349439B7
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1402480324&from=tt4u&uid=ST3160023AS_3JS0KDCF
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389885761&from=vtt&uid=ST3160023AS_3JS0KDCF
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=99089bda-3282-9ab6-be5a-1a02db071208&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/02/2014&type=hp1000
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=99089bda-3282-9ab6-be5a-1a02db071208&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/02/2014&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1402480324&from=tt4u&uid=ST3160023AS_3JS0KDCF&q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files\SaveSense\SaveSenseIE.dll No File
BHO: BlockAndSurf -> {116A3232-FFD2-E653-A41B-953268ED14F9} -> C:\Program Files\v04BlockAndSurf\175.dll ()
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Browse Safe BHO -> {8E56A02B-46FE-4490-B169-F16E5231533B} -> C:\Program Files\Browse Safe\FrameworkBHO.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll No File
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO: ToggleMark -> {dc59a866-959c-4638-a191-c13177d0bd68} -> C:\Program Files\ToggleMark\ToggleMarkbho.dll (ToggleMark)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfaNUPyB8Jfk-FflQlZ-VsZPeKL-S5mVhf2Ht0mP_WC1CVShFDA72ue264my7QSkJXuMOa1GRFglFz2LCZMfA7hM5fI3E15Zm3F
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.4.0 -> C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\user.js
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Freeven pro - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-07-13]
FF Extension: MediaPlayerplus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-07-13]
FF Extension: Avira Browser Safety - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\battlefieldplay4free@ea.com [2013-03-24]
FF Extension: Fast Start - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\faststartff@gmail.com [2014-07-13]
FF Extension: Plus-HD-2.2c - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com [2014-08-20]
FF Extension: SaveSense - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2013-11-25]
FF Extension: Yahoo Community Smartbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{99089bda-3282-9ab6-be5a-1a02db071208} [2014-03-14]
FF Extension: ToggleMark - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}.xpi [2014-08-19]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-08-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-18]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\faststartff@gmail.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{157B9130-1152-8AF8-8CAB-E997B53F0984}] - C:\Program Files\v04BlockAndSurf\175.xpi
FF Extension: BlockAndSurf - C:\Program Files\v04BlockAndSurf\175.xpi [2014-07-15]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-14]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (Plus-HD-2.2) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo [2014-06-15]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-14]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-16]
CHR HKLM\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files\TornTV.com\torn2_10.crx [2014-01-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-06-15] ()
S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-11-25] (SaveSense)
S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-11-25] (SaveSense)
R2 Update ToggleMark; C:\Program Files\ToggleMark\updateToggleMark.exe [323360 2014-08-20] ()
R2 Util ToggleMark; C:\Program Files\ToggleMark\bin\utilToggleMark.exe [323360 2014-08-20] ()
R2 WebCake Desktop Updater; C:\Program Files\WBDesktop.Updater.1.0.0.16.exe [51992 2013-08-17] (cake bake)
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [573344 2014-06-11] (Fuyu LIMITED)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices) [File not signed]
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19056 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin) [File not signed]
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH)
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-10-24] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-10-24] ()
S3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [145216 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [23200 2013-02-01] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [46624 2013-02-01] (Saitek)
S3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [41280 2012-09-20] (Saitek)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [48640 2005-03-03] (Protection Technology) [File not signed]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-02-23] (Protection Technology) [File not signed]
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [20544 2004-12-03] (Protection Technology) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R1 VirtDiskBus; C:\Windows\System32\DRIVERS\VirtDiskBus.sys [57456 2011-02-08] (Giga-Byte Technology CO., LTD.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys [52416 2014-08-16] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 14:42 - 2014-08-20 15:17 - 00000000 ____D () C:\AdwCleaner
2014-08-20 14:41 - 2014-08-20 14:41 - 01361671 _____ () C:\Users\Max\Downloads\adwcleaner_3.307.exe
2014-08-20 14:20 - 2014-08-20 14:20 - 00001762 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 00:45 - 2014-08-16 23:49 - 00052416 _____ (StdLib) C:\Windows\system32\Drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys
2014-08-20 00:28 - 2014-08-20 00:28 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log
2014-08-20 00:28 - 2014-08-20 00:28 - 00000240 _____ () C:\Users\Max\Downloads\defogger_enable.log
2014-08-20 00:26 - 2014-08-20 00:26 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2014-08-20 00:18 - 2014-08-20 00:19 - 00037803 _____ () C:\Users\Max\Downloads\Addition.txt
2014-08-20 00:16 - 2014-08-20 16:28 - 00029870 _____ () C:\Users\Max\Downloads\FRST.txt
2014-08-20 00:16 - 2014-08-20 16:28 - 00000000 ____D () C:\FRST
2014-08-20 00:15 - 2014-08-20 00:15 - 01093632 _____ (Farbar) C:\Users\Max\Downloads\FRST.exe
2014-08-20 00:10 - 2014-08-20 00:10 - 00001227 _____ () C:\Users\Max\Desktop\Revo Uninstaller.lnk
2014-08-20 00:10 - 2014-08-20 00:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-20 00:08 - 2014-08-20 00:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Max\Downloads\revosetup95.exe
2014-08-19 23:40 - 2014-08-20 13:47 - 00000000 ____D () C:\Program Files\ToggleMark
2014-08-14 20:14 - 2014-08-14 20:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 19:09 - 2014-08-18 22:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 19:09 - 2014-08-18 22:22 - 00001104 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-14 02:07 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 02:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 02:07 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 00:01 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 00:01 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 00:01 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 00:01 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 00:01 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 00:01 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 00:01 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 00:01 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 00:01 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 00:01 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 00:01 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 00:01 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 00:01 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 00:01 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 00:01 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 00:01 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 00:01 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 00:01 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 00:01 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 00:01 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 00:01 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 00:01 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 00:01 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 00:01 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 00:01 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 00:01 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 00:01 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 00:01 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 00:01 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 00:01 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 23:55 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 23:55 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 23:55 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 23:55 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 23:53 - 2014-07-16 04:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 23:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 23:53 - 2014-07-16 03:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 23:52 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 23:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 23:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 23:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 23:48 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 23:48 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-11 01:48 - 2014-08-11 01:48 - 00001500 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk
2014-08-11 01:48 - 2014-08-11 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-08-02 18:45 - 2014-08-14 23:55 - 00000000 ____D () C:\Windows\rescache
2014-08-01 19:13 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 19:13 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 19:13 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 19:13 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 19:12 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 19:12 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-30 16:07 - 2014-07-30 16:07 - 00000970 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-30 16:06 - 2014-07-30 16:06 - 04813544 _____ (Piriform Ltd) C:\Users\Max\Downloads\ccsetup416.exe
2014-07-21 14:36 - 2014-07-21 15:17 - 00000000 ____D () C:\Users\Max\Downloads\The.Elder.Scrolls.V.Skyrim.Update.9-RELOADED

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 16:28 - 2014-08-20 00:16 - 00029870 _____ () C:\Users\Max\Downloads\FRST.txt
2014-08-20 16:28 - 2014-08-20 00:16 - 00000000 ____D () C:\FRST
2014-08-20 16:28 - 2012-11-10 22:18 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job
2014-08-20 16:24 - 2013-11-25 21:19 - 00000914 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-08-20 16:03 - 2012-12-13 21:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 15:39 - 2013-03-14 22:34 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job
2014-08-20 15:32 - 2014-07-15 22:43 - 00003072 _____ () C:\Users\Max\AppData\Local\BlockAndSurfdb.sqlite
2014-08-20 15:17 - 2014-08-20 14:42 - 00000000 ____D () C:\AdwCleaner
2014-08-20 14:52 - 2013-01-27 19:58 - 00000000 ____D () C:\ProgramData\Origin
2014-08-20 14:52 - 2012-11-09 19:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\uTorrent
2014-08-20 14:42 - 2012-11-10 22:50 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-08-20 14:41 - 2014-08-20 14:41 - 01361671 _____ () C:\Users\Max\Downloads\adwcleaner_3.307.exe
2014-08-20 14:41 - 2013-06-05 20:41 - 00001876 _____ () C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001802 _____ () C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001182 _____ () C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001178 _____ () C:\Windows\Tasks\Plus-HD-2.2-updater.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001082 _____ () C:\Windows\Tasks\Plus-HD-2.2-enabler.job
2014-08-20 14:28 - 2013-10-15 18:47 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b.job
2014-08-20 14:20 - 2014-08-20 14:20 - 00001762 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 14:20 - 2012-12-29 15:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-20 13:55 - 2009-07-14 06:34 - 00023232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 13:55 - 2009-07-14 06:34 - 00023232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 13:55 - 2009-07-14 04:04 - 00000540 _____ () C:\Windows\win.ini
2014-08-20 13:54 - 2014-07-04 20:06 - 00000000 ____D () C:\Users\Max\AppData\Local\fst_de_80
2014-08-20 13:53 - 2014-07-15 22:43 - 00000394 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2014-08-20 13:53 - 2014-07-14 22:08 - 00000000 ____D () C:\Program Files\Steam
2014-08-20 13:53 - 2013-01-27 19:58 - 00000000 ____D () C:\Program Files\Origin
2014-08-20 13:53 - 2012-11-10 03:06 - 01920997 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 13:51 - 2014-07-15 22:43 - 00000372 _____ () C:\Windows\Tasks\BlockAndSurf_wd.job
2014-08-20 13:51 - 2014-04-05 19:12 - 00002190 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-4.job
2014-08-20 13:51 - 2014-04-05 19:12 - 00001504 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-5.job
2014-08-20 13:51 - 2014-04-05 19:12 - 00001442 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-1.job
2014-08-20 13:51 - 2014-04-05 19:12 - 00001418 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-2.job
2014-08-20 13:51 - 2014-04-05 19:11 - 00003110 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-3.job
2014-08-20 13:51 - 2014-04-05 19:07 - 00001432 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5.job
2014-08-20 13:51 - 2014-04-05 19:07 - 00001362 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-1.job
2014-08-20 13:51 - 2014-04-05 19:07 - 00001346 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2.job
2014-08-20 13:51 - 2014-04-05 19:06 - 00002758 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3.job
2014-08-20 13:51 - 2014-04-05 19:06 - 00002094 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4.job
2014-08-20 13:51 - 2013-11-25 21:19 - 00000910 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-08-20 13:47 - 2014-08-19 23:40 - 00000000 ____D () C:\Program Files\ToggleMark
2014-08-20 13:47 - 2013-10-24 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-20 13:47 - 2012-12-08 17:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-20 13:47 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-20 13:47 - 2009-07-14 06:39 - 00108161 _____ () C:\Windows\setupact.log
2014-08-20 01:38 - 2014-07-04 20:06 - 00000000 ____D () C:\Program Files\fst_de_80
2014-08-20 00:28 - 2014-08-20 00:28 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log
2014-08-20 00:28 - 2014-08-20 00:28 - 00000240 _____ () C:\Users\Max\Downloads\defogger_enable.log
2014-08-20 00:28 - 2012-11-09 18:28 - 00000000 ____D () C:\Users\Max
2014-08-20 00:26 - 2014-08-20 00:26 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2014-08-20 00:19 - 2014-08-20 00:18 - 00037803 _____ () C:\Users\Max\Downloads\Addition.txt
2014-08-20 00:18 - 2013-11-25 21:19 - 00000000 ____D () C:\Users\Max\AppData\Roaming\SaveSense
2014-08-20 00:15 - 2014-08-20 00:15 - 01093632 _____ (Farbar) C:\Users\Max\Downloads\FRST.exe
2014-08-20 00:10 - 2014-08-20 00:10 - 00001227 _____ () C:\Users\Max\Desktop\Revo Uninstaller.lnk
2014-08-20 00:10 - 2014-08-20 00:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-20 00:09 - 2014-08-20 00:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Max\Downloads\revosetup95.exe
2014-08-19 23:28 - 2009-07-14 06:33 - 00294544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-19 01:44 - 2013-12-24 19:48 - 00000000 ____D () C:\Users\Max\Documents\FIFA 14
2014-08-18 22:23 - 2014-08-14 19:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 22:22 - 2014-08-14 19:09 - 00001104 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 22:22 - 2013-02-10 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 22:22 - 2013-02-10 14:37 - 00000000 ____D () C:\Program Files\Avira
2014-08-18 22:19 - 2013-12-21 14:19 - 00000179 _____ () C:\Users\Max\AppData\Roaming\WB.CFG
2014-08-17 21:39 - 2013-03-14 22:34 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core.job
2014-08-16 23:49 - 2014-08-20 00:45 - 00052416 _____ (StdLib) C:\Windows\system32\Drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys
2014-08-15 00:32 - 2012-11-10 22:25 - 00002523 _____ () C:\Users\Max\Desktop\Google Chrome.lnk
2014-08-14 23:55 - 2014-08-02 18:45 - 00000000 ____D () C:\Windows\rescache
2014-08-14 23:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 20:14 - 2014-08-14 20:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 19:09 - 2013-02-10 14:37 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 18:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-14 02:16 - 2013-07-20 17:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 02:09 - 2012-11-11 22:38 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 01:48 - 2014-08-11 01:48 - 00001500 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk
2014-08-11 01:48 - 2014-08-11 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-11 01:48 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-10 19:25 - 2013-01-27 20:05 - 00000000 ____D () C:\Program Files\Origin Games
2014-08-04 21:49 - 2014-07-15 22:42 - 00000000 ____D () C:\Program Files\v04BlockAndSurf
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-08-04 21:45 - 2013-04-30 21:28 - 00002021 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-04 21:45 - 2013-04-30 21:28 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-01 01:16 - 2014-08-14 00:01 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 22:52 - 2012-11-10 22:50 - 00000000 ___RD () C:\Program Files\Skype
2014-07-31 22:48 - 2014-07-05 11:48 - 00000000 ____D () C:\Program Files\Bench
2014-07-31 22:48 - 2012-11-10 23:37 - 00943558 _____ () C:\Windows\PFRO.log
2014-07-30 18:54 - 2014-06-11 11:52 - 00000000 ____D () C:\Users\Max\AppData\Roaming\omiga-plus
2014-07-30 18:53 - 2014-03-13 13:22 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-07-30 18:52 - 2014-04-05 19:05 - 00000602 __RSH () C:\ProgramData\ntuser.pol
2014-07-30 16:07 - 2014-07-30 16:07 - 00000970 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-30 16:06 - 2014-07-30 16:06 - 04813544 _____ (Piriform Ltd) C:\Users\Max\Downloads\ccsetup416.exe
2014-07-30 15:46 - 2014-04-05 19:19 - 00001082 _____ () C:\Users\Max\Desktop\Continue VuuPC Installation.lnk
2014-07-30 15:22 - 2014-07-05 11:49 - 00000003 _____ () C:\Users\Max\AppData\Local\proxy.log
2014-07-25 15:51 - 2014-08-14 00:01 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 15:04 - 2014-08-14 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 14:34 - 2014-08-14 00:01 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 14:34 - 2014-08-14 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 14:33 - 2014-08-14 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 14:21 - 2014-08-14 00:01 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 14:18 - 2014-08-14 00:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 00:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 14:12 - 2014-08-14 00:01 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 14:10 - 2014-08-14 00:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 14:10 - 2014-08-14 00:01 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:08 - 2014-08-14 00:01 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 00:01 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 13:59 - 2014-08-14 00:01 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 13:52 - 2014-08-14 00:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 13:43 - 2014-08-14 00:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 13:36 - 2014-08-14 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 13:34 - 2014-08-14 00:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 00:01 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 13:13 - 2014-08-14 00:01 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:09 - 2014-08-14 00:01 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:07 - 2014-08-14 00:01 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 00:01 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 00:01 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 12:09 - 2014-08-14 00:01 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 00:01 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:00 - 2014-08-14 00:01 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-21 15:17 - 2014-07-21 14:36 - 00000000 ____D () C:\Users\Max\Downloads\The.Elder.Scrolls.V.Skyrim.Update.9-RELOADED
2014-07-21 13:46 - 2014-07-14 21:35 - 00000000 ____D () C:\Program Files\The Elder Scrolls V Skyrim

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\avgnt.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:24

==================== End Of Log ============================

--- --- ---

--- --- ---

eine "Addition" kam bei mir nicht

LG

der halma

Sorry, habe sie doch noch gefunden (nicht gleich beim ersten mal gesehen :P )

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-08-2014
Ran by Max at 2014-08-20 00:18:23
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.37949 - Ask.com) <==== ATTENTION
Avira (HKLM\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
ToggleMark (HKLM\...\ToggleMark) (Version: 2014.08.19.192915 - ToggleMark) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Wing Commander III (HKLM\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
Yahoo Community Smartbar Engine (HKCU\...\{72966a28-4f87-49d2-bdbc-c0e3d562272e}) (Version: 10.201.66.14591 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{04FE3112-DB93-424D-B958-5E709395693F}\InprocServer32 -> C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Max\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Max\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

19-08-2014 22:11:50 Revo Uninstaller's restore point - SaveSense

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0071C64D-D48B-4B1A-9E32-E7C6AE4CCB3C} - System32\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2 => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2.exe <==== ATTENTION
Task: {0AF4075E-9DCF-45C1-9B60-9400358D4820} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {10A2B12E-3B1F-4AE5-A5CF-8B26EC593DEB} - System32\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5 => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5.exe <==== ATTENTION
Task: {1DF39F5A-EEA5-4BFF-A50F-A6E6BE73C07A} - System32\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-1 => C:\Program Files\Freeven pro\Freeven pro-codedownloader.exe <==== ATTENTION
Task: {1EAB67E2-07E4-402F-8D08-4C3EF7813342} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {21A62AC8-5565-4438-8B96-879ED81F2C6B} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-25] (SaveSense) <==== ATTENTION
Task: {233C8D37-3269-42EE-8E5A-9DD484287349} - System32\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-1 => C:\Program Files\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: {3260D282-E5DE-455A-A316-90A41C04EAAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3619540F-CF42-48B7-A063-5868EB6AF83A} - System32\Tasks\Plus-HD-2.2-codedownloader => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe
Task: {424A3E36-FC77-45E2-AB6C-E65493383CB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {50A16621-7A8E-4063-8CF6-52AFAB5780F9} - System32\Tasks\Plus-HD-2.2-chromeinstaller => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe
Task: {5472F101-1E5E-4B1B-A3AC-ED0F726B57DA} - System32\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-5 => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-5.exe <==== ATTENTION
Task: {5DC7D644-863C-497C-9062-5432D9AD5237} - System32\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-2 => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-2.exe <==== ATTENTION
Task: {6CD4568F-66EB-469F-954A-836341409DE3} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION
Task: {6FE6A48D-03CB-476A-8A9D-DD05B23DE059} - System32\Tasks\EPUpdater => C:\Users\Max\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {70E26E48-7F94-4A55-97C0-EA93A815066C} - System32\Tasks\Plus-HD-2.2-firefoxinstaller => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe
Task: {939CF649-EF07-4271-9B91-DFB9E8953593} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {9B3D592B-D7F1-4B8E-B330-4FA174300D8A} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-25] (SaveSense) <==== ATTENTION
Task: {A28230C3-5BE5-4A25-A86C-546675A2768B} - System32\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-4 => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-4.exe <==== ATTENTION
Task: {B36B1699-164E-430E-828E-FC23E23F7183} - System32\Tasks\{48FC7E73-673A-4CB5-8BC8-588EDE4ADE8E} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.60.129/de/abandoninstall?page=tsProgressBar
Task: {B743AB12-9E6C-4FD5-9E15-5392DFE9E8E1} - System32\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4 => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4.exe <==== ATTENTION
Task: {BB11DABE-EA5F-4213-A940-9ABFE29928D7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {C929E71B-A9D5-4215-8989-EF4F0674DD7A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {C9D1A74D-40E8-45BA-B714-3EB243BA555F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {CBAB6720-A9B3-4355-B92E-10B9C3856156} - System32\Tasks\BlockAndSurf Update => C:\Program Files\v04BlockAndSurf\v02BlockAndSurfV21.exe [2014-07-15] ()
Task: {D3026937-C493-401D-BFE1-1EFED8457A6D} - System32\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3 => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3.exe <==== ATTENTION
Task: {D8FC700D-DB36-4C53-A33C-FC8B1718FE9E} - System32\Tasks\BlockAndSurf_wd => C:\Program Files\v04BlockAndSurf\w4BlockAndSurfF.exe
Task: {D9C0719F-C64F-4505-9FFF-B702759547B6} - System32\Tasks\Plus-HD-2.2-enabler => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-enabler.exe
Task: {E940FFD0-CFAF-4365-BD5E-D65B9C07C8AB} - System32\Tasks\Plus-HD-2.2-updater => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-updater.exe
Task: {EF909426-9C69-4404-9063-9B0B6FD3B844} - System32\Tasks\{21355931-9FF8-4C68-84AE-D409493FBDCC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.60.129/de/abandoninstall?page=tsProgressBar
Task: {F37E10B9-6D6C-4B15-B0A8-6E34BFDAF4E0} - System32\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-3 => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-3.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-1.job => C:\Program Files\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-2.job => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-3.job => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-4.job => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-5.job => C:\Program Files\MediaPlayerplus\643828eb-3b53-49d1-b15a-563187f9bc97-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files\v04BlockAndSurf\v02BlockAndSurfV21.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf_wd.job => C:\Program Files\v04BlockAndSurf\w4BlockAndSurfF.exe <==== ATTENTION
Task: C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-1.job => C:\Program Files\Freeven pro\Freeven pro-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2.job => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3.job => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4.job => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5.job => C:\Program Files\Freeven pro\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b.job => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-enabler.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-updater.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-24 22:28 - 2013-10-15 23:57 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-17 15:23 - 2014-06-15 17:14 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-04 20:06 - 2014-07-03 11:20 - 05768672 _____ () C:\Users\Max\AppData\Local\fst_de_80\upfst_de_80.exe
2014-08-14 19:09 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Max\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-04 20:06 - 2014-07-03 11:20 - 03975648 _____ () C:\Program Files\fst_de_80\fst_de_80.exe
2011-06-08 23:57 - 2011-06-08 23:57 - 01929576 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00962560 _____ () C:\Program Files\Origin\platforms\qwindows.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00024064 _____ () C:\Program Files\Origin\imageformats\qgif.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00025088 _____ () C:\Program Files\Origin\imageformats\qico.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00217088 _____ () C:\Program Files\Origin\imageformats\qjpeg.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00261632 _____ () C:\Program Files\Origin\imageformats\qmng.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00019968 _____ () C:\Program Files\Origin\imageformats\qtga.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00302592 _____ () C:\Program Files\Origin\imageformats\qtiff.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00018944 _____ () C:\Program Files\Origin\imageformats\qwbmp.dll
2014-07-15 22:42 - 2014-07-15 22:42 - 00130560 _____ () C:\Program Files\v04BlockAndSurf\BlockAndSurf.exe
2014-03-30 19:19 - 2014-03-30 19:19 - 00612664 _____ () C:\Program Files\v04BlockAndSurf\sqlite3.dll
2009-11-24 14:36 - 2009-11-24 14:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-11-10 21:55 - 2012-11-10 21:55 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-19 21:29 - 2014-08-19 21:29 - 00323360 _____ () C:\Program Files\ToggleMark\updateToggleMark.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Deskjet 3050A J611 series
Description: Deskjet 3050A J611 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2014 00:11:47 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {8f36ce53-399b-4f94-aa90-c94c81c156fa}

Error: (08/17/2014 07:24:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/16/2014 03:59:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {7ff84075-7151-4470-98c9-85a7ea382d1f}

Error: (08/16/2014 02:06:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/16/2014 01:49:00 PM) (Source: MsiInstaller) (EventID: 1024) (User: MAXPC)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/15/2014 11:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fifa14.exe, Version: 1.7.0.0, Zeitstempel: 0x03f4e040
Name des fehlerhaften Moduls: nvd3dum.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x525da3db
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0f54db1c
ID des fehlerhaften Prozesses: 0x14e8
Startzeit der fehlerhaften Anwendung: 0xfifa14.exe0
Pfad der fehlerhaften Anwendung: fifa14.exe1
Pfad des fehlerhaften Moduls: fifa14.exe2
Berichtskennung: fifa14.exe3

Error: (08/15/2014 11:00:59 PM) (Source: MsiInstaller) (EventID: 1024) (User: MAXPC)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/15/2014 01:38:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: MAXPC)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/15/2014 01:09:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/14/2014 11:45:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (08/19/2014 11:39:07 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (08/19/2014 11:34:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/19/2014 11:34:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/19/2014 11:34:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/19/2014 11:34:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/19/2014 11:34:35 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (08/19/2014 11:34:35 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (08/19/2014 11:34:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/19/2014 11:34:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/19/2014 11:34:26 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (08/20/2014 00:11:47 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {8f36ce53-399b-4f94-aa90-c94c81c156fa}

Error: (08/17/2014 07:24:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe

Error: (08/16/2014 03:59:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {7ff84075-7151-4470-98c9-85a7ea382d1f}

Error: (08/16/2014 02:06:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe

Error: (08/16/2014 01:49:00 PM) (Source: MsiInstaller) (EventID: 1024) (User: MAXPC)
Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL)

Error: (08/15/2014 11:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa14.exe1.7.0.003f4e040nvd3dum.dll_unloaded0.0.0.0525da3dbc00000050f54db1c14e801cfb8cfbdfd1245C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exenvd3dum.dll019fcb37-24c3-11e4-a575-bc05430ce1bb

Error: (08/15/2014 11:00:59 PM) (Source: MsiInstaller) (EventID: 1024) (User: MAXPC)
Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL)

Error: (08/15/2014 01:38:18 PM) (Source: MsiInstaller) (EventID: 1024) (User: MAXPC)
Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL)

Error: (08/15/2014 01:09:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe

Error: (08/14/2014 11:45:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe


==================== Memory info =========================== 

Processor: AMD FX(tm)-6100 Six-Core Processor 
Percentage of memory in use: 52%
Total physical RAM: 3325.55 MB
Available physical RAM: 1590.21 MB
Total Pagefile: 6581.21 MB
Available Pagefile: 4445.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.35 MB

==================== Drives ================================

Drive c: (WinXP-Pro) (Fixed) (Total:149.03 GB) (Free:4.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 27842783)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 20.08.2014, 15:54

Zitat:

Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86)

Wieso läuft denn da ein 32-Bit-Windows? Mehr als 4 GiB RAM geht damit nicht!

Zitat:

C:\Users\Max\Downloads\The.Elder.Scrolls.V.Skyrim.Update.9-RELOADED

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

derhalma123 · 20.08.2014, 19:15

Mehr als 4 gb ram hab ich auch nicht...

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-08-2014
Ran by Max (administrator) on MAXPC on 20-08-2014 20:09:04
Running from C:\Users\Max\Downloads
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(cake bake) C:\Program Files\WBDesktop.Updater.1.0.0.16.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
() C:\Users\Max\AppData\Local\fst_de_80\upfst_de_80.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
( ) C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
() C:\Program Files\ToggleMark\bin\utilToggleMark.exe
() C:\Program Files\ToggleMark\bin\ToggleMark.PurBrowse.exe
() C:\Program Files\ToggleMark\updateToggleMark.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
() C:\Program Files\ToggleMark\bin\ToggleMark.BrowserAdapter.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2013-01-31] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2013-01-31] (Saitek)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [Iminent] => C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"                                                                                    
HKLM\...\Run: [IminentMessenger] => C:\Program Files\Iminent\Iminent.Messengers.exe                                                
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Adobe Update] => C:\ProgramData\Adobe\Color.vbs [103 2013-12-11] ()
HKLM\...\Run: [fst_de_37] => [X]
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\RunOnce: [upfst_de_80.exe] => C:\Users\Max\AppData\Local\fst_de_80\upfst_de_80.exe [5768672 2014-07-03] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-19] (Microsoft Corporation)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Google Update] => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-10] (Google Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [963984 2012-11-10] (BitTorrent, Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Facebook Update] => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-14] (Facebook Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1804648 2011-06-08] (Hewlett-Packard Co.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Max\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1753280 2014-07-12] (Valve Corporation)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurf] => C:\Program Files\v04BlockAndSurf\BlockAndSurf.exe [130560 2014-07-15] ()
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurfC] => C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe [2343936 2014-07-15] ( )
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\MountPoints2: {e1b8273b-2b6d-11e2-aa30-a7f40ee6de8f} - E:\pushinst.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\PROGRA~2\SupTab\SEARCH~1.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:14312;https=127.0.0.1:14312
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfaNUPyB8Jfk-FflQlZ-VsZPeKL-S5mVhf2Ht0mP_WC1CVShFDA72ue264my7QSkJXuMOa1GRFglFz2LCZMfA7hM5fI3E15Zm3F
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x416DF7617EBFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=119776&babsrc=HP_ss_din2g&mntrId=B88F902B349439B7
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1402480324&from=tt4u&uid=ST3160023AS_3JS0KDCF
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389885761&from=vtt&uid=ST3160023AS_3JS0KDCF
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=99089bda-3282-9ab6-be5a-1a02db071208&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/02/2014&type=hp1000
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=99089bda-3282-9ab6-be5a-1a02db071208&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/02/2014&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1402480324&from=tt4u&uid=ST3160023AS_3JS0KDCF&q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files\SaveSense\SaveSenseIE.dll No File
BHO: BlockAndSurf -> {116A3232-FFD2-E653-A41B-953268ED14F9} -> C:\Program Files\v04BlockAndSurf\175.dll ()
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Browse Safe BHO -> {8E56A02B-46FE-4490-B169-F16E5231533B} -> C:\Program Files\Browse Safe\FrameworkBHO.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll No File
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO: ToggleMark -> {dc59a866-959c-4638-a191-c13177d0bd68} -> C:\Program Files\ToggleMark\ToggleMarkbho.dll (ToggleMark)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfaNUPyB8Jfk-FflQlZ-VsZPeKL-S5mVhf2Ht0mP_WC1CVShFDA72ue264my7QSkJXuMOa1GRFglFz2LCZMfA7hM5fI3E15Zm3F
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIXN3qUZfQIqvYTQEeS-EWw2Lyjpyu&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.4.0 -> C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\user.js
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Freeven pro - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-07-13]
FF Extension: MediaPlayerplus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-07-13]
FF Extension: Avira Browser Safety - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\battlefieldplay4free@ea.com [2013-03-24]
FF Extension: Fast Start - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\faststartff@gmail.com [2014-07-13]
FF Extension: Plus-HD-2.2c - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com [2014-08-20]
FF Extension: SaveSense - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2013-11-25]
FF Extension: Yahoo Community Smartbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{99089bda-3282-9ab6-be5a-1a02db071208} [2014-03-14]
FF Extension: ToggleMark - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}.xpi [2014-08-19]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-08-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-18]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\faststartff@gmail.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{157B9130-1152-8AF8-8CAB-E997B53F0984}] - C:\Program Files\v04BlockAndSurf\175.xpi
FF Extension: BlockAndSurf - C:\Program Files\v04BlockAndSurf\175.xpi [2014-07-15]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-14]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (Plus-HD-2.2) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo [2014-06-15]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-14]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-16]
CHR HKLM\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files\TornTV.com\torn2_10.crx [2014-01-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-06-15] ()
S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-11-25] (SaveSense)
S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-11-25] (SaveSense)
R2 Update ToggleMark; C:\Program Files\ToggleMark\updateToggleMark.exe [323360 2014-08-20] ()
R2 Util ToggleMark; C:\Program Files\ToggleMark\bin\utilToggleMark.exe [323360 2014-08-20] ()
R2 WebCake Desktop Updater; C:\Program Files\WBDesktop.Updater.1.0.0.16.exe [51992 2013-08-17] (cake bake)
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [573344 2014-06-11] (Fuyu LIMITED)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices) [File not signed]
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19056 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin) [File not signed]
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH)
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-10-24] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-10-24] ()
S3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [145216 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [23200 2013-02-01] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [46624 2013-02-01] (Saitek)
S3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [41280 2012-09-20] (Saitek)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [48640 2005-03-03] (Protection Technology) [File not signed]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-02-23] (Protection Technology) [File not signed]
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [20544 2004-12-03] (Protection Technology) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R1 VirtDiskBus; C:\Windows\System32\DRIVERS\VirtDiskBus.sys [57456 2011-02-08] (Giga-Byte Technology CO., LTD.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys [52416 2014-08-16] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 14:42 - 2014-08-20 15:17 - 00000000 ____D () C:\AdwCleaner
2014-08-20 14:41 - 2014-08-20 14:41 - 01361671 _____ () C:\Users\Max\Downloads\adwcleaner_3.307.exe
2014-08-20 14:20 - 2014-08-20 14:20 - 00001762 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 00:45 - 2014-08-16 23:49 - 00052416 _____ (StdLib) C:\Windows\system32\Drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys
2014-08-20 00:28 - 2014-08-20 00:28 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log
2014-08-20 00:28 - 2014-08-20 00:28 - 00000240 _____ () C:\Users\Max\Downloads\defogger_enable.log
2014-08-20 00:26 - 2014-08-20 00:26 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2014-08-20 00:18 - 2014-08-20 00:19 - 00037803 _____ () C:\Users\Max\Downloads\Addition.txt
2014-08-20 00:16 - 2014-08-20 20:09 - 00030149 _____ () C:\Users\Max\Downloads\FRST.txt
2014-08-20 00:16 - 2014-08-20 20:09 - 00000000 ____D () C:\FRST
2014-08-20 00:15 - 2014-08-20 00:15 - 01093632 _____ (Farbar) C:\Users\Max\Downloads\FRST.exe
2014-08-20 00:10 - 2014-08-20 00:10 - 00001227 _____ () C:\Users\Max\Desktop\Revo Uninstaller.lnk
2014-08-20 00:10 - 2014-08-20 00:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-20 00:08 - 2014-08-20 00:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Max\Downloads\revosetup95.exe
2014-08-19 23:40 - 2014-08-20 13:47 - 00000000 ____D () C:\Program Files\ToggleMark
2014-08-14 20:14 - 2014-08-14 20:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 19:09 - 2014-08-18 22:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 19:09 - 2014-08-18 22:22 - 00001104 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-14 02:07 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 02:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 02:07 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 00:01 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 00:01 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 00:01 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 00:01 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 00:01 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 00:01 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 00:01 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 00:01 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 00:01 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 00:01 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 00:01 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 00:01 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 00:01 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 00:01 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 00:01 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 00:01 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 00:01 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 00:01 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 00:01 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 00:01 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 00:01 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 00:01 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 00:01 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 00:01 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 00:01 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 00:01 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 00:01 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 00:01 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 00:01 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 00:01 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 23:55 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 23:55 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 23:55 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 23:55 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 23:53 - 2014-07-16 04:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 23:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 23:53 - 2014-07-16 03:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 23:52 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 23:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 23:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 23:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 23:48 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 23:48 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-11 01:48 - 2014-08-11 01:48 - 00001500 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk
2014-08-11 01:48 - 2014-08-11 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-08-02 18:45 - 2014-08-14 23:55 - 00000000 ____D () C:\Windows\rescache
2014-08-01 19:13 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 19:13 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 19:13 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 19:13 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 19:12 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 19:12 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-30 16:07 - 2014-07-30 16:07 - 00000970 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-30 16:06 - 2014-07-30 16:06 - 04813544 _____ (Piriform Ltd) C:\Users\Max\Downloads\ccsetup416.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 20:11 - 2014-08-20 00:16 - 00030149 _____ () C:\Users\Max\Downloads\FRST.txt
2014-08-20 20:10 - 2012-11-09 19:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\uTorrent
2014-08-20 20:09 - 2014-08-20 00:16 - 00000000 ____D () C:\FRST
2014-08-20 20:03 - 2012-12-13 21:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 19:55 - 2013-11-25 21:19 - 00000914 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-08-20 19:55 - 2013-03-14 22:34 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job
2014-08-20 19:55 - 2012-11-10 22:18 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job
2014-08-20 19:55 - 2009-07-14 04:04 - 00000540 _____ () C:\Windows\win.ini
2014-08-20 19:54 - 2014-04-05 19:12 - 00002190 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-4.job
2014-08-20 19:54 - 2014-04-05 19:12 - 00001504 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-5.job
2014-08-20 19:54 - 2014-04-05 19:12 - 00001442 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-1.job
2014-08-20 19:54 - 2014-04-05 19:12 - 00001418 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-2.job
2014-08-20 19:54 - 2014-04-05 19:11 - 00003110 _____ () C:\Windows\Tasks\643828eb-3b53-49d1-b15a-563187f9bc97-3.job
2014-08-20 19:54 - 2014-04-05 19:07 - 00001432 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5.job
2014-08-20 19:54 - 2014-04-05 19:07 - 00001362 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-1.job
2014-08-20 19:54 - 2014-04-05 19:07 - 00001346 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2.job
2014-08-20 19:54 - 2014-04-05 19:06 - 00002758 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3.job
2014-08-20 19:54 - 2014-04-05 19:06 - 00002094 _____ () C:\Windows\Tasks\f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4.job
2014-08-20 16:57 - 2014-07-04 20:06 - 00000000 ____D () C:\Users\Max\AppData\Local\fst_de_80
2014-08-20 15:32 - 2014-07-15 22:43 - 00003072 _____ () C:\Users\Max\AppData\Local\BlockAndSurfdb.sqlite
2014-08-20 15:17 - 2014-08-20 14:42 - 00000000 ____D () C:\AdwCleaner
2014-08-20 14:52 - 2013-01-27 19:58 - 00000000 ____D () C:\ProgramData\Origin
2014-08-20 14:42 - 2012-11-10 22:50 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-08-20 14:41 - 2014-08-20 14:41 - 01361671 _____ () C:\Users\Max\Downloads\adwcleaner_3.307.exe
2014-08-20 14:41 - 2013-06-05 20:41 - 00001876 _____ () C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001802 _____ () C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001182 _____ () C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001178 _____ () C:\Windows\Tasks\Plus-HD-2.2-updater.job
2014-08-20 14:41 - 2013-06-05 20:41 - 00001082 _____ () C:\Windows\Tasks\Plus-HD-2.2-enabler.job
2014-08-20 14:28 - 2013-10-15 18:47 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b.job
2014-08-20 14:20 - 2014-08-20 14:20 - 00001762 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 14:20 - 2012-12-29 15:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-20 13:55 - 2009-07-14 06:34 - 00023232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 13:55 - 2009-07-14 06:34 - 00023232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 13:53 - 2014-07-15 22:43 - 00000394 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2014-08-20 13:53 - 2014-07-14 22:08 - 00000000 ____D () C:\Program Files\Steam
2014-08-20 13:53 - 2013-01-27 19:58 - 00000000 ____D () C:\Program Files\Origin
2014-08-20 13:53 - 2012-11-10 03:06 - 01942653 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 13:51 - 2014-07-15 22:43 - 00000372 _____ () C:\Windows\Tasks\BlockAndSurf_wd.job
2014-08-20 13:51 - 2013-11-25 21:19 - 00000910 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-08-20 13:47 - 2014-08-19 23:40 - 00000000 ____D () C:\Program Files\ToggleMark
2014-08-20 13:47 - 2013-10-24 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-20 13:47 - 2012-12-08 17:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-20 13:47 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-20 13:47 - 2009-07-14 06:39 - 00108161 _____ () C:\Windows\setupact.log
2014-08-20 01:38 - 2014-07-04 20:06 - 00000000 ____D () C:\Program Files\fst_de_80
2014-08-20 00:28 - 2014-08-20 00:28 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log
2014-08-20 00:28 - 2014-08-20 00:28 - 00000240 _____ () C:\Users\Max\Downloads\defogger_enable.log
2014-08-20 00:28 - 2012-11-09 18:28 - 00000000 ____D () C:\Users\Max
2014-08-20 00:26 - 2014-08-20 00:26 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2014-08-20 00:19 - 2014-08-20 00:18 - 00037803 _____ () C:\Users\Max\Downloads\Addition.txt
2014-08-20 00:18 - 2013-11-25 21:19 - 00000000 ____D () C:\Users\Max\AppData\Roaming\SaveSense
2014-08-20 00:15 - 2014-08-20 00:15 - 01093632 _____ (Farbar) C:\Users\Max\Downloads\FRST.exe
2014-08-20 00:10 - 2014-08-20 00:10 - 00001227 _____ () C:\Users\Max\Desktop\Revo Uninstaller.lnk
2014-08-20 00:10 - 2014-08-20 00:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-20 00:09 - 2014-08-20 00:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Max\Downloads\revosetup95.exe
2014-08-19 23:28 - 2009-07-14 06:33 - 00294544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-19 01:44 - 2013-12-24 19:48 - 00000000 ____D () C:\Users\Max\Documents\FIFA 14
2014-08-18 22:23 - 2014-08-14 19:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 22:22 - 2014-08-14 19:09 - 00001104 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 22:22 - 2013-02-10 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 22:22 - 2013-02-10 14:37 - 00000000 ____D () C:\Program Files\Avira
2014-08-18 22:19 - 2013-12-21 14:19 - 00000179 _____ () C:\Users\Max\AppData\Roaming\WB.CFG
2014-08-17 21:39 - 2013-03-14 22:34 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core.job
2014-08-16 23:49 - 2014-08-20 00:45 - 00052416 _____ (StdLib) C:\Windows\system32\Drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys
2014-08-15 00:32 - 2012-11-10 22:25 - 00002523 _____ () C:\Users\Max\Desktop\Google Chrome.lnk
2014-08-14 23:55 - 2014-08-02 18:45 - 00000000 ____D () C:\Windows\rescache
2014-08-14 23:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 20:14 - 2014-08-14 20:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 19:09 - 2013-02-10 14:37 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 18:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-14 02:16 - 2013-07-20 17:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 02:09 - 2012-11-11 22:38 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 01:48 - 2014-08-11 01:48 - 00001500 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk
2014-08-11 01:48 - 2014-08-11 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-11 01:48 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-10 19:25 - 2013-01-27 20:05 - 00000000 ____D () C:\Program Files\Origin Games
2014-08-04 21:49 - 2014-07-15 22:42 - 00000000 ____D () C:\Program Files\v04BlockAndSurf
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-08-04 21:45 - 2013-04-30 21:28 - 00002021 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-04 21:45 - 2013-04-30 21:28 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-01 01:16 - 2014-08-14 00:01 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 22:52 - 2012-11-10 22:50 - 00000000 ___RD () C:\Program Files\Skype
2014-07-31 22:48 - 2014-07-05 11:48 - 00000000 ____D () C:\Program Files\Bench
2014-07-31 22:48 - 2012-11-10 23:37 - 00943558 _____ () C:\Windows\PFRO.log
2014-07-30 18:54 - 2014-06-11 11:52 - 00000000 ____D () C:\Users\Max\AppData\Roaming\omiga-plus
2014-07-30 18:53 - 2014-03-13 13:22 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-07-30 18:52 - 2014-04-05 19:05 - 00000602 __RSH () C:\ProgramData\ntuser.pol
2014-07-30 16:07 - 2014-07-30 16:07 - 00000970 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-30 16:06 - 2014-07-30 16:06 - 04813544 _____ (Piriform Ltd) C:\Users\Max\Downloads\ccsetup416.exe
2014-07-30 15:46 - 2014-04-05 19:19 - 00001082 _____ () C:\Users\Max\Desktop\Continue VuuPC Installation.lnk
2014-07-30 15:22 - 2014-07-05 11:49 - 00000003 _____ () C:\Users\Max\AppData\Local\proxy.log
2014-07-25 15:51 - 2014-08-14 00:01 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 15:04 - 2014-08-14 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 14:34 - 2014-08-14 00:01 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 14:34 - 2014-08-14 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 14:33 - 2014-08-14 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 14:21 - 2014-08-14 00:01 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 14:18 - 2014-08-14 00:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 00:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 14:12 - 2014-08-14 00:01 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 14:10 - 2014-08-14 00:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 14:10 - 2014-08-14 00:01 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:08 - 2014-08-14 00:01 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 00:01 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 13:59 - 2014-08-14 00:01 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 13:52 - 2014-08-14 00:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 13:43 - 2014-08-14 00:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 13:36 - 2014-08-14 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 13:34 - 2014-08-14 00:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 00:01 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 13:13 - 2014-08-14 00:01 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:09 - 2014-08-14 00:01 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:07 - 2014-08-14 00:01 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 00:01 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 00:01 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 12:09 - 2014-08-14 00:01 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 00:01 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:00 - 2014-08-14 00:01 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\avgnt.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:24

==================== End Of Log ============================

--- --- ---

cosinus · 21.08.2014, 11:12

Zitat:

Total physical RAM: 3325.55 MB

Addressieren kann dein 32-Bit-Windows aber deutlich weniger als 4 GiB...

Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen aus den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

derhalma123 · 21.08.2014, 21:33

Mehr als das brauch ich gar nicht

ist nur Ein Arbeits-PC

AdwCleaner :

Code:

ATTFilter

# AdwCleaner v3.308 - Report created 21/08/2014 at 22:11:32
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Max - MAXPC
# Running from : C:\Users\Max\Downloads\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : savesenselive
[#] Service Deleted : savesenselivem
[#] Service Deleted : Update ToggleMark
[#] Service Deleted : Util ToggleMark
[#] Service Deleted : WebCake Desktop Updater
Service Deleted : WindowsProtectManger
Service Deleted : {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\SaveSenseLive
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WindowsProtectManger
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Folder Deleted : C:\Program Files\Bench
Folder Deleted : C:\Program Files\Betcat
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\SaveSenseLive
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\SecretSauce
[!] Folder Deleted : C:\Program Files\ToggleMark
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\fst_de_80
[!] Folder Deleted : C:\Program Files\ToggleMark
Folder Deleted : C:\Program Files\v04BlockAndSurf
Folder Deleted : C:\Program Files\Common Files\Umbrella
Folder Deleted : C:\Users\Max\AppData\Local\LPT
Folder Deleted : C:\Users\Max\AppData\Local\SaveSenseLive
Folder Deleted : C:\Users\Max\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Max\AppData\Local\Smartbar
Folder Deleted : C:\Users\Max\AppData\Local\Tuguu_SL
Folder Deleted : C:\Users\Max\AppData\Local\fst_de_80
Folder Deleted : C:\Users\Max\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Max\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Max\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Max\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Max\AppData\Roaming\Betcat
Folder Deleted : C:\Users\Max\AppData\Roaming\Delta
Folder Deleted : C:\Users\Max\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\Max\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Max\AppData\Roaming\SaveSense
Folder Deleted : C:\Users\Max\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Max\Documents\Optimizer Pro
Folder Deleted : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
File Deleted : C:\END
File Deleted : C:\Program Files\WebCakeLayers.crx
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Windows\system32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys
File Deleted : C:\Users\Max\AppData\Local\AnyProtectScannerSetup.exe
File Deleted : C:\Users\Max\Desktop\Continue VuuPC Installation.lnk
File Deleted : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\bprotector_prefs.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\StartWeb.xml
File Deleted : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\searchplugins\Web Search.xml
File Deleted : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\user.js
File Deleted : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

***** [ Scheduled Tasks ] *****

Task Deleted : BlockAndSurf Update
Task Deleted : BlockAndSurf_wd
Task Deleted : Desk 365 RunAsStdUser
Task Deleted : EPUpdater
Task Deleted : SaveSenseLiveUpdateTaskMachineCore
Task Deleted : SaveSenseLiveUpdateTaskMachineUA
Task Deleted : 643828eb-3b53-49d1-b15a-563187f9bc97-1
Task Deleted : 643828eb-3b53-49d1-b15a-563187f9bc97-2
Task Deleted : 643828eb-3b53-49d1-b15a-563187f9bc97-3
Task Deleted : 643828eb-3b53-49d1-b15a-563187f9bc97-4
Task Deleted : 643828eb-3b53-49d1-b15a-563187f9bc97-5
Task Deleted : f948fe0d-923c-4a19-9b82-87f2f2abe4b9-1
Task Deleted : f948fe0d-923c-4a19-9b82-87f2f2abe4b9-2
Task Deleted : f948fe0d-923c-4a19-9b82-87f2f2abe4b9-3
Task Deleted : f948fe0d-923c-4a19-9b82-87f2f2abe4b9-4
Task Deleted : f948fe0d-923c-4a19-9b82-87f2f2abe4b9-5

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Max\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Max\Desktop\Search.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{157B9130-1152-8AF8-8CAB-E997B53F0984}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SaveSenseLive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ToggleMark_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ToggleMark_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateToggleMark_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateToggleMark_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilToggleMark_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilToggleMark_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update ToggleMark
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util ToggleMark
Key Deleted : HKCU\Software\9ed68fbc3cef46
Key Deleted : HKLM\SOFTWARE\9ed68fbc3cef46
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2B47855E-B429-4DF6-8293-E1DBF2381A07}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E56A02B-46FE-4490-B169-F16E5231533B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93D3100A-BBB6-456C-96FC-82CAC5F383AC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CDDAB3A4-E64D-4AE0-9E1D-F3132F5F913F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DC59A866-959C-4638-A191-C13177D0BD68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E66A759D-367F-433E-85C6-ED7F040BCC32}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{116A3232-FFD2-E653-A41B-953268ED14F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322302236}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522422246}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522422248}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355305536}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425548}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366306636}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426648}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B79DF26-5A4A-4A88-BFF4-FE188A4F223E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344304436}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544424446}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544424448}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{c3715f93-4241-49f6-ba85-1d8151b277af}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E56A02B-46FE-4490-B169-F16E5231533B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC59A866-959C-4638-A191-C13177D0BD68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{116A3232-FFD2-E653-A41B-953268ED14F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E56A02B-46FE-4490-B169-F16E5231533B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E150862-F9E8-456E-9CBC-2CDE1A9F2E33}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9A768BD-F835-45D9-92A1-F52A7CEE5D5D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8615E25-D5B5-4DDD-A3C4-21C5D716FB59}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDAC653C-E45E-43E8-AD5D-A09695A1AC4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E92D3824-41F7-4EAE-9E0D-13D0BBDE726D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\SaveSenseLive
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\ToggleMark
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\Software\blockAndSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\MediaPlayerplus
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-2.2
Key Deleted : HKCU\Software\AppDataLow\Software\Re_Markit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AdvertisingSupport
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\DealPlyLive
Key Deleted : HKLM\SOFTWARE\Desksvc
Key Deleted : HKLM\SOFTWARE\FrEeSoFtOdAy
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\MediaPlayerplus
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\nationzoomSoftware
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\SaveSenseLive
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsProtectManger
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\ToggleMark
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Umbrella
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToggleMark
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04D01B4BB24CCD043B69431CCABB1A34
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v31.0 (x86 de)

[ File : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.order.1", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfaNUPyB8Jfk-FflQlZ-VsZPeKL-S5mVhf2Ht0mP_WC1CVShFDA72ue264m[...]
Line Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Line Deleted : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.internaldb.__GAM__gam_domains.value", "%7B%22gambling%22%3A%22casino.williamhill.com%7Cvegas.willi[...]
Line Deleted : user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.aODNZSOUV80284234YL43682704com61998.61998.internaldb.__GAM__gam_domains.value", "%7B%22gambling%22%3A%22casino.williamhill.com%7Cvegas.williamhill.com%7Ccasino.bet365.com%7Ccasin[...]
Line Deleted : user_pref("extensions.aODNZSOUV80284234YL43682704com61998.61998.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A[...]
Line Deleted : user_pref("extensions.aa0046b9bfdb9497fa4b12a108ad6007a5cdf80b704204bb7b3c0e188e6f4fb8acom54248.54248.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246.54246.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.crossrider.bic", "13f2fc25e2a3c3e2a8bd85c190e2dd45");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "b88f8037000000000000902b349439b7");
Line Deleted : user_pref("extensions.delta.instlDay", "15861");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.520:42:45");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119776");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "de");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\",\\\"www.only-apartments.de\\\",\\\"www.only-apar[...]
Line Deleted : user_pref("extensions.helperbar.installationid", "99089bda-3282-9ab6-be5a-1a02db071208");
Line Deleted : user_pref("extensions.helperbar.installdate", "07/02/2014");
Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1402673895730");
Line Deleted : user_pref("extensions.helperbar.publisher", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.type", "hp1000");
Line Deleted : user_pref("extensions.iminent.admin", false);
Line Deleted : user_pref("extensions.iminent.aflt", "orgnl");
Line Deleted : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Line Deleted : user_pref("extensions.iminent.autoRvrt", "false");
Line Deleted : user_pref("extensions.iminent.dfltLng", "");
Line Deleted : user_pref("extensions.iminent.excTlbr", false);
Line Deleted : user_pref("extensions.iminent.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.iminent.id", "b88f8037000000000000902b349439b7");
Line Deleted : user_pref("extensions.iminent.instlDay", "16034");
Line Deleted : user_pref("extensions.iminent.instlRef", "");
Line Deleted : user_pref("extensions.iminent.newTab", false);
Line Deleted : user_pref("extensions.iminent.prdct", "iminent");
Line Deleted : user_pref("extensions.iminent.prtnrId", "iminent");
Line Deleted : user_pref("extensions.iminent.rvrt", "false");
Line Deleted : user_pref("extensions.iminent.smplGrp", "none");
Line Deleted : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Line Deleted : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Line Deleted : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Line Deleted : user_pref("extensions.iminent.vrsnTs", "1.8.26.820:17:44");
Line Deleted : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
Line Deleted : user_pref("iminent.enabledAds", "false");
Line Deleted : user_pref("iminent.newtabredirect", "true");
Line Deleted : user_pref("iminent.searchindex", "1");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrkL6AMkVAcJ3mJAHPYcE2slwbJii8zfWL1FQRjNUcGNjPCYTvEeyvjl1UFOsKt3JIXk8EiZIAddBQ1AOwOi-LgdTQghlcIUpUQPIX[...]

-\\ Google Chrome v

[ File : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=99089bda-3282-9ab6-be5a-1a02db071208&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=07/02/2014&type=hp1000
Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MCF25115F-F52E-4111-A188-F53A7CE5C6D5&SearchSource=58&CUI=&UM=2&UP=SPDAF60D0A-8417-4230-A5A9-18F651785171&q={searchTerms}&SSPV=TBannersA_sp_ch
Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1402480375&from=tt4u&uid=ST3160023AS_3JS0KDCF&q={searchTerms}
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : fjoijdanhaiflhibkljeklcghcmmfffh
Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Deleted [Extension] : kfakeonomonapccoamcmdgpoaicnpnoo

*************************

AdwCleaner[R0].txt - [266 octets] - [20/08/2014 14:42:55]
AdwCleaner[R1].txt - [266 octets] - [20/08/2014 14:52:09]
AdwCleaner[R2].txt - [266 octets] - [20/08/2014 15:17:18]
AdwCleaner[R3].txt - [67020 octets] - [21/08/2014 22:07:03]
AdwCleaner[S0].txt - [65045 octets] - [21/08/2014 22:11:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [65106 octets] ##########

Junkware Removal Tool:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Max on 21.08.2014 at 22:19:49,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-599103058-399197357-876646614-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311301136}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311301136}



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\plus-hd-2.2-codedownloader"
Successfully deleted: [File] "C:\Windows\System32\Tasks\plus-hd-2.2-enabler"
Successfully deleted: [File] "C:\Windows\System32\Tasks\plus-hd-2.2-firefoxinstaller"
Successfully deleted: [File] "C:\Windows\System32\Tasks\plus-hd-2.2-updater"
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-2.2-chromeinstaller
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.2-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-2.2-updater.job



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Max\Local Settings\Application Data\apn"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pjlxmbu5.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}
Emptied folder: C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\pjlxmbu5.default\minidumps [34 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.08.2014 at 22:22:19,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST :

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2014
Ran by Max (administrator) on MAXPC on 21-08-2014 22:24:18
Running from C:\Users\Max\Downloads
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Thisisu) C:\Users\Max\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2013-01-31] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2013-01-31] (Saitek)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Adobe Update] => C:\ProgramData\Adobe\Color.vbs [103 2013-12-11] ()
HKLM\...\Run: [fst_de_37] => [X]
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-19] (Microsoft Corporation)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Google Update] => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-10] (Google Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [963984 2012-11-10] (BitTorrent, Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Facebook Update] => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-14] (Facebook Inc.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1804648 2011-06-08] (Hewlett-Packard Co.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1753280 2014-07-12] (Valve Corporation)
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurf] => C:\Program Files\v04BlockAndSurf\BlockAndSurf.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurfC] => C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\MountPoints2: {e1b8273b-2b6d-11e2-aa30-a7f40ee6de8f} - E:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:14312;https=127.0.0.1:14312
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x416DF7617EBFCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.4.0 -> C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Freeven pro - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-07-13]
FF Extension: MediaPlayerplus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-07-13]
FF Extension: Avira Browser Safety - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: Battlefield Play4Free - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\battlefieldplay4free@ea.com [2013-03-24]
FF Extension: Plus-HD-2.2c - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com [2014-08-20]
FF Extension: Yahoo Community Smartbar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{99089bda-3282-9ab6-be5a-1a02db071208} [2014-03-14]
FF Extension: ToggleMark - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}.xpi [2014-08-19]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-08-14]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Program Files\v04BlockAndSurf\175.xpi []

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-14]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-06-15] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [36864 2010-03-12] (Advanced Micro Devices) [File not signed]
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19056 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin) [File not signed]
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH)
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-10-24] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-10-24] ()
S3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [145216 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [23200 2013-02-01] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [46624 2013-02-01] (Saitek)
S3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [41280 2012-09-20] (Saitek)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [48640 2005-03-03] (Protection Technology) [File not signed]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-02-23] (Protection Technology) [File not signed]
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [20544 2004-12-03] (Protection Technology) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R1 VirtDiskBus; C:\Windows\System32\DRIVERS\VirtDiskBus.sys [57456 2011-02-08] (Giga-Byte Technology CO., LTD.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 22:24 - 2014-08-21 22:24 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-08-21 22:22 - 2014-08-21 22:22 - 00002538 _____ () C:\Users\Max\Desktop\JRT.txt
2014-08-21 22:19 - 2014-08-21 22:19 - 00000000 ____D () C:\Windows\ERUNT
2014-08-21 22:18 - 2014-08-21 22:18 - 01016261 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-08-21 22:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-21 22:05 - 2014-08-21 22:05 - 01364531 _____ () C:\Users\Max\Downloads\adwcleaner_3.308.exe
2014-08-20 14:42 - 2014-08-21 22:12 - 00000000 ____D () C:\AdwCleaner
2014-08-20 14:41 - 2014-08-20 14:41 - 01361671 _____ () C:\Users\Max\Downloads\adwcleaner_3.307.exe
2014-08-20 14:20 - 2014-08-20 14:20 - 00001762 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 00:28 - 2014-08-20 00:28 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log
2014-08-20 00:28 - 2014-08-20 00:28 - 00000240 _____ () C:\Users\Max\Downloads\defogger_enable.log
2014-08-20 00:26 - 2014-08-20 00:26 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2014-08-20 00:18 - 2014-08-20 00:19 - 00037803 _____ () C:\Users\Max\Downloads\Addition.txt
2014-08-20 00:16 - 2014-08-21 22:24 - 00021508 _____ () C:\Users\Max\Downloads\FRST.txt
2014-08-20 00:16 - 2014-08-21 22:24 - 00000000 ____D () C:\FRST
2014-08-20 00:15 - 2014-08-21 22:24 - 01094144 _____ (Farbar) C:\Users\Max\Downloads\FRST.exe
2014-08-20 00:10 - 2014-08-20 00:10 - 00001227 _____ () C:\Users\Max\Desktop\Revo Uninstaller.lnk
2014-08-20 00:10 - 2014-08-20 00:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-20 00:08 - 2014-08-20 00:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Max\Downloads\revosetup95.exe
2014-08-14 20:14 - 2014-08-14 20:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 19:09 - 2014-08-18 22:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 19:09 - 2014-08-18 22:22 - 00001104 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-14 02:07 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 02:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 02:07 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 00:01 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 00:01 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 00:01 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 00:01 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 00:01 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 00:01 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 00:01 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 00:01 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 00:01 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 00:01 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 00:01 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 00:01 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 00:01 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 00:01 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 00:01 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 00:01 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 00:01 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 00:01 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 00:01 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 00:01 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 00:01 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 00:01 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 00:01 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 00:01 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 00:01 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 00:01 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 00:01 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 00:01 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 00:01 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 00:01 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 23:55 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 23:55 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 23:55 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-13 23:55 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-13 23:53 - 2014-07-16 04:47 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 23:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 23:53 - 2014-07-16 03:47 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 23:52 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 23:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 23:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 23:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 23:48 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 23:48 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 23:48 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-11 01:48 - 2014-08-11 01:48 - 00001500 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk
2014-08-11 01:48 - 2014-08-11 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-08-02 18:45 - 2014-08-14 23:55 - 00000000 ____D () C:\Windows\rescache
2014-08-01 19:13 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 19:13 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 19:13 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 19:13 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 19:13 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 19:12 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 19:12 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-30 16:07 - 2014-07-30 16:07 - 00000970 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-30 16:06 - 2014-07-30 16:06 - 04813544 _____ (Piriform Ltd) C:\Users\Max\Downloads\ccsetup416.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 22:25 - 2014-08-20 00:16 - 00021508 _____ () C:\Users\Max\Downloads\FRST.txt
2014-08-21 22:24 - 2014-08-21 22:24 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-08-21 22:24 - 2014-08-20 00:16 - 00000000 ____D () C:\FRST
2014-08-21 22:24 - 2014-08-20 00:15 - 01094144 _____ (Farbar) C:\Users\Max\Downloads\FRST.exe
2014-08-21 22:24 - 2009-07-14 06:34 - 00023232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 22:24 - 2009-07-14 06:34 - 00023232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 22:22 - 2014-08-21 22:22 - 00002538 _____ () C:\Users\Max\Desktop\JRT.txt
2014-08-21 22:22 - 2014-07-14 22:08 - 00000000 ____D () C:\Program Files\Steam
2014-08-21 22:21 - 2012-11-09 19:00 - 00000000 ____D () C:\Users\Max\AppData\Roaming\uTorrent
2014-08-21 22:19 - 2014-08-21 22:19 - 00000000 ____D () C:\Windows\ERUNT
2014-08-21 22:19 - 2012-11-10 22:50 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-08-21 22:18 - 2014-08-21 22:18 - 01016261 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-08-21 22:17 - 2012-11-10 22:25 - 00001508 _____ () C:\Users\Max\Desktop\Google Chrome.lnk
2014-08-21 22:16 - 2013-01-27 19:58 - 00000000 ____D () C:\Program Files\Origin
2014-08-21 22:14 - 2013-10-24 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-21 22:14 - 2012-11-10 23:37 - 00944706 _____ () C:\Windows\PFRO.log
2014-08-21 22:14 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 22:14 - 2009-07-14 06:39 - 00108273 _____ () C:\Windows\setupact.log
2014-08-21 22:13 - 2012-11-10 03:06 - 01987356 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 22:12 - 2014-08-20 14:42 - 00000000 ____D () C:\AdwCleaner
2014-08-21 22:12 - 2014-02-07 22:34 - 00001012 _____ () C:\Users\Max\Desktop\Search.lnk
2014-08-21 22:12 - 2012-12-08 17:48 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 22:12 - 2012-12-08 17:48 - 00001012 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-21 22:12 - 2009-07-14 04:04 - 00000540 _____ () C:\Windows\win.ini
2014-08-21 22:05 - 2014-08-21 22:05 - 01364531 _____ () C:\Users\Max\Downloads\adwcleaner_3.308.exe
2014-08-21 22:04 - 2013-01-27 19:58 - 00000000 ____D () C:\ProgramData\Origin
2014-08-21 22:03 - 2012-12-13 21:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 21:59 - 2009-07-14 06:33 - 00294544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 01:28 - 2012-11-10 22:18 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job
2014-08-21 01:08 - 2013-12-24 19:48 - 00000000 ____D () C:\Users\Max\Documents\FIFA 14
2014-08-21 00:39 - 2013-03-14 22:34 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job
2014-08-20 21:39 - 2013-03-14 22:34 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core.job
2014-08-20 21:18 - 2014-07-15 22:43 - 00003072 _____ () C:\Users\Max\AppData\Local\BlockAndSurfdb.sqlite
2014-08-20 14:41 - 2014-08-20 14:41 - 01361671 _____ () C:\Users\Max\Downloads\adwcleaner_3.307.exe
2014-08-20 14:28 - 2013-10-15 18:47 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b.job
2014-08-20 14:20 - 2014-08-20 14:20 - 00001762 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:20 - 2014-08-20 14:20 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 14:20 - 2012-12-29 15:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-20 13:47 - 2012-12-08 17:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-20 00:28 - 2014-08-20 00:28 - 00000468 _____ () C:\Users\Max\Downloads\defogger_disable.log
2014-08-20 00:28 - 2014-08-20 00:28 - 00000240 _____ () C:\Users\Max\Downloads\defogger_enable.log
2014-08-20 00:28 - 2012-11-09 18:28 - 00000000 ____D () C:\Users\Max
2014-08-20 00:26 - 2014-08-20 00:26 - 00050477 _____ () C:\Users\Max\Downloads\Defogger.exe
2014-08-20 00:19 - 2014-08-20 00:18 - 00037803 _____ () C:\Users\Max\Downloads\Addition.txt
2014-08-20 00:10 - 2014-08-20 00:10 - 00001227 _____ () C:\Users\Max\Desktop\Revo Uninstaller.lnk
2014-08-20 00:10 - 2014-08-20 00:10 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-08-20 00:09 - 2014-08-20 00:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Max\Downloads\revosetup95.exe
2014-08-18 22:23 - 2014-08-14 19:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 22:22 - 2014-08-14 19:09 - 00001104 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 22:22 - 2013-02-10 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 22:22 - 2013-02-10 14:37 - 00000000 ____D () C:\Program Files\Avira
2014-08-18 22:19 - 2013-12-21 14:19 - 00000179 _____ () C:\Users\Max\AppData\Roaming\WB.CFG
2014-08-14 23:55 - 2014-08-02 18:45 - 00000000 ____D () C:\Windows\rescache
2014-08-14 23:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 20:14 - 2014-08-14 20:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-14 19:09 - 2013-02-10 14:37 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 18:50 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-14 02:16 - 2013-07-20 17:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 02:09 - 2012-11-11 22:38 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 01:48 - 2014-08-11 01:48 - 00001500 _____ () C:\Users\Public\Desktop\Wing Commander III.lnk
2014-08-11 01:48 - 2014-08-11 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-11 01:48 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-10 19:25 - 2013-01-27 20:05 - 00000000 ____D () C:\Program Files\Origin Games
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-04 21:45 - 2014-08-04 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-08-04 21:45 - 2013-04-30 21:28 - 00002021 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-04 21:45 - 2013-04-30 21:28 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-01 01:16 - 2014-08-14 00:01 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 22:52 - 2012-11-10 22:50 - 00000000 ___RD () C:\Program Files\Skype
2014-07-30 18:52 - 2014-04-05 19:05 - 00000602 __RSH () C:\ProgramData\ntuser.pol
2014-07-30 16:07 - 2014-07-30 16:07 - 00000970 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 16:07 - 2014-07-30 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-30 16:06 - 2014-07-30 16:06 - 04813544 _____ (Piriform Ltd) C:\Users\Max\Downloads\ccsetup416.exe
2014-07-30 15:22 - 2014-07-05 11:49 - 00000003 _____ () C:\Users\Max\AppData\Local\proxy.log
2014-07-25 15:51 - 2014-08-14 00:01 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 15:04 - 2014-08-14 00:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 00:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 14:34 - 2014-08-14 00:01 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 14:34 - 2014-08-14 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 14:33 - 2014-08-14 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 00:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 14:21 - 2014-08-14 00:01 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 14:18 - 2014-08-14 00:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 00:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 14:12 - 2014-08-14 00:01 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 14:10 - 2014-08-14 00:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 14:10 - 2014-08-14 00:01 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:08 - 2014-08-14 00:01 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 00:01 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 13:59 - 2014-08-14 00:01 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 13:52 - 2014-08-14 00:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 13:43 - 2014-08-14 00:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 13:36 - 2014-08-14 00:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 13:34 - 2014-08-14 00:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 00:01 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 13:13 - 2014-08-14 00:01 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:09 - 2014-08-14 00:01 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:07 - 2014-08-14 00:01 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 00:01 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 00:01 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 12:09 - 2014-08-14 00:01 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 00:01 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:00 - 2014-08-14 00:01 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\avgnt.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:24

==================== End Of Log ============================

--- --- ---

cosinus · 22.08.2014, 08:59

Zitat:

Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)

Reiner Arbeits-PC?!

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

derhalma123 · 23.08.2014, 17:49

Für die Mittagspause

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-08-2014
Ran by Max at 2014-08-23 18:45:08
Running from C:\Users\Max\Downloads\FRST-OlderVersion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Avira (HKLM\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Wing Commander III (HKLM\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
Yahoo Community Smartbar Engine (HKCU\...\{72966a28-4f87-49d2-bdbc-c0e3d562272e}) (Version: 10.201.66.14591 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{04FE3112-DB93-424D-B958-5E709395693F}\InprocServer32 -> C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Max\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\Max\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-599103058-399197357-876646614-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Max\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AF4075E-9DCF-45C1-9B60-9400358D4820} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {1EAB67E2-07E4-402F-8D08-4C3EF7813342} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {3260D282-E5DE-455A-A316-90A41C04EAAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {424A3E36-FC77-45E2-AB6C-E65493383CB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {939CF649-EF07-4271-9B91-DFB9E8953593} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {B36B1699-164E-430E-828E-FC23E23F7183} - System32\Tasks\{48FC7E73-673A-4CB5-8BC8-588EDE4ADE8E} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.60.129/de/abandoninstall?page=tsProgressBar
Task: {BB11DABE-EA5F-4213-A940-9ABFE29928D7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {C929E71B-A9D5-4215-8989-EF4F0674DD7A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-10] (Google Inc.)
Task: {C9D1A74D-40E8-45BA-B714-3EB243BA555F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-14] (Facebook Inc.)
Task: {EF909426-9C69-4404-9063-9B0B6FD3B844} - System32\Tasks\{21355931-9FF8-4C68-84AE-D409493FBDCC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.60.129/de/abandoninstall?page=tsProgressBar

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job => C:\Users\Max\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000Core1cec9c63a82270b.job => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-599103058-399197357-876646614-1000UA.job => C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-24 22:28 - 2013-10-15 23:57 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-17 15:23 - 2014-06-15 17:14 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 19:09 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Max\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-06-08 23:57 - 2011-06-08 23:57 - 01929576 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00962560 _____ () C:\Program Files\Origin\platforms\qwindows.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00024064 _____ () C:\Program Files\Origin\imageformats\qgif.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00025088 _____ () C:\Program Files\Origin\imageformats\qico.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00217088 _____ () C:\Program Files\Origin\imageformats\qjpeg.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00261632 _____ () C:\Program Files\Origin\imageformats\qmng.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00019968 _____ () C:\Program Files\Origin\imageformats\qtga.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00302592 _____ () C:\Program Files\Origin\imageformats\qtiff.dll
2014-01-29 19:53 - 2014-08-06 13:59 - 00018944 _____ () C:\Program Files\Origin\imageformats\qwbmp.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 00:32 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\Max\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2009-11-24 14:36 - 2009-11-24 14:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-11-10 21:55 - 2012-11-10 21:55 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Deskjet 3050A J611 series
Description: Deskjet 3050A J611 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution Protocol" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (08/23/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peer Networking Grouping" ist vom Dienst "Peer Name Resolution Protocol" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: AMD FX(tm)-6100 Six-Core Processor 
Percentage of memory in use: 50%
Total physical RAM: 3325.55 MB
Available physical RAM: 1630.77 MB
Total Pagefile: 6649.4 MB
Available Pagefile: 4554.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.68 MB

==================== Drives ================================

Drive c: (WinXP-Pro) (Fixed) (Total:149.03 GB) (Free:9.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 27842783)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

cosinus · 23.08.2014, 23:43

Zitat:

[uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [963984 2012-11-10] (BitTorrent, Inc.)

Ist das auch ein Arbeitsmittel? Wer erlaubt denn uTorrent auf der Arbeit?

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKLM\...\Run: [Adobe Update] => C:\ProgramData\Adobe\Color.vbs [103 2013-12-11] ()
HKLM\...\Run: [fst_de_37] => [X]
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurf] => C:\Program Files\v04BlockAndSurf\BlockAndSurf.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurfC] => C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:14312;https=127.0.0.1:14312
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Extension: Freeven pro - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-07-13]
FF Extension: MediaPlayerplus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-07-13]
FF Extension: Plus-HD-2.2c - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com [2014-08-20]
FF Extension: No Name - C:\Program Files\v04BlockAndSurf\175.xpi []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
C:\ProgramData\Adobe\Color.vbs
C:\Program Files\v04BlockAndSurf

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

derhalma123 · 25.08.2014, 13:38

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-08-2014 03
Ran by Max at 2014-08-25 14:21:00 Run:1
Running from C:\Users\Max\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [Adobe Update] => C:\ProgramData\Adobe\Color.vbs [103 2013-12-11] ()
HKLM\...\Run: [fst_de_37] => [X]
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurf] => C:\Program Files\v04BlockAndSurf\BlockAndSurf.exe
HKU\S-1-5-21-599103058-399197357-876646614-1000\...\Run: [BlockAndSurfC] => C:\Program Files\v04BlockAndSurf\BlockAndSurfC.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:14312;https=127.0.0.1:14312
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Extension: Freeven pro - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-07-13]
FF Extension: MediaPlayerplus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-07-13]
FF Extension: Plus-HD-2.2c - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com [2014-08-20]
FF Extension: No Name - C:\Program Files\v04BlockAndSurf\175.xpi []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
C:\ProgramData\Adobe\Color.vbs
C:\Program Files\v04BlockAndSurf
         
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Update => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_de_37 => value deleted successfully.
HKU\S-1-5-21-599103058-399197357-876646614-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BlockAndSurf => value deleted successfully.
HKU\S-1-5-21-599103058-399197357-876646614-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BlockAndSurfC => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com => Moved successfully.
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com => Moved successfully.
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com => Moved successfully.
C:\Program Files\v04BlockAndSurf\175.xpi => not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\Adobe\Color.vbs => Moved successfully.
"C:\Program Files\v04BlockAndSurf" => File/Directory not found.


The system needed a reboot. 

==== End of Fixlog ====

cosinus · 25.08.2014, 13:39

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

derhalma123 · 31.08.2014, 14:10

Sorry, hatte im Urlaub kein Internetanschluss

MBAM :

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.08.2014
Suchlauf-Zeit: 14:48:46
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.25.02
Rootkit Datenbank: v2014.08.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Max

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 286539
Verstrichene Zeit: 10 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 8
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [35917159e992c96d8ef133434db5a55b], 
PUP.Optional.BrowseSafe.A, HKLM\SOFTWARE\Browse Safe, In Quarantäne, [a323636776057bbbabd328c44fb38e72], 
PUP.Optional.Feven.A, HKLM\SOFTWARE\Freeven pro, In Quarantäne, [2b9b0fbb99e25adc902111f85da6ab55], 
PUP.Optional.TornTV.A, HKLM\SOFTWARE\Torntv V6.0, In Quarantäne, [8b3b369447346acc37bfc35563a0c13f], 
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, Löschen bei Neustart, [6f5719b1bfbc7bbb0761f6f690720ff1], 
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Freeven pro, Löschen bei Neustart, [982eb7132d4e1a1c10a39e6bd13257a9], 
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Löschen bei Neustart, [74523d8df4872b0ba23248c12ad9aa56], 
PUP.Optional.Feven.A, HKU\S-1-5-21-599103058-399197357-876646614-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Freeven pro, Löschen bei Neustart, [fec84981c3b86cca5f54fe0b0cf7be42], 

Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-599103058-399197357-876646614-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Löschen bei Neustart, [3591903a314a94a2c4e689695aa8ee12]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 5
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0, In Quarantäne, [22a44c7ecdae43f300e0af165fa30cf4], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0, In Quarantäne, [09bd6565f9824cea82621fa605fdf50b], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.FreeSoftwareToday.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy, In Quarantäne, [7650efdbc5b69e98be6bb423956db64a], 

Dateien: 31
PUP.Optional.WebCake.A, C:\Program Files\WBDesktop.Updater.1.0.0.16.exe, In Quarantäne, [844274564338e353a2b19a7c6b96c838], 
PUP.Optional.OneClickDownloader.A, C:\Users\Max\Downloads\Crysis_3_PC_full_game_EN-CZ-DE-ES-FR-IT-PL-RU-TR_^^nosTEAM^^.exe, In Quarantäne, [10b6c70344374bebb1c70e10ad5431cf], 
PUP.Optional.BundleInstaller.A, C:\Users\Max\Downloads\Setup.exe, In Quarantäne, [c105cdfdc8b37fb797467bd89f6225db], 
PUP.Optional.RocketFuel.A, C:\Users\Max\Downloads\FlightSim_RocketFuelInstaller.exe, In Quarantäne, [ebdbb713dba09c9af49c1d8462a2a25e], 
PUP.Optional.RocketFuel.A, C:\Users\Max\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe, In Quarantäne, [f1d5b515f5861323e9a70c95de269e62], 
PUP.Optional.Iminent.A, C:\Windows\Installer\223537.msi, In Quarantäne, [982e7852aad1da5c25ed8dadbd44c43c], 
PUP.Optional.SnapDo.A, C:\Windows\Installer\ac750.msi, In Quarantäne, [487ebb0f8af1c86e8896ff91cd347888], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI45A6.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [facc03c7e7942b0b242632fcd8287a86], 
PUP.Optional.Proxy.A, C:\Users\Max\AppData\Local\proxy.log, In Quarantäne, [22a4804afe7d092d4dfc33b759a9fd03], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, In Quarantäne, [5a6cac1edba063d31991c8411ee558a8], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0.localstorage, In Quarantäne, [c006606a0c6f41f56b43c74273908b75], 
PUP.Optional.QuickStart.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, In Quarantäne, [86406f5bb0cb64d22a1797b5af55e11f], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0\18, In Quarantäne, [22a44c7ecdae43f300e0af165fa30cf4], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0\17, In Quarantäne, [09bd6565f9824cea82621fa605fdf50b], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000062.ldb, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000077.log, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\CURRENT, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOCK, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG.old, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\MANIFEST-000075, In Quarantäne, [2e98f5d5d8a391a5bb310cb9639f867a], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000050.ldb, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000064.ldb, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000067.ldb, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000083.log, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\CURRENT, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\LOCK, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\LOG, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\LOG.old, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.CrossRider.A, C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\MANIFEST-000081, In Quarantäne, [a620bd0d710abe78757b41846c964db3], 
PUP.Optional.FreeSoftwareToday.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy\Freesofttoday.lnk, In Quarantäne, [7650efdbc5b69e98be6bb423956db64a], 

Physische Sektoren: 0
(No malicious items detected)


(end)

ESET :

Code:

ATTFilter

C:\AdwCleaner\Quarantine\C\Program Files\Betcat\WebCakeIEClient.dll.vir möglicherweise Variante von Win32/Adware.Yontoo.A Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\fst_de_80\freeSoftToday_widget.exe.vir Variante von Win32/AdWare.EoRezo.AU Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\Iminent\Iminent.WinCore.dll.vir Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\SaveSenseLive.exe.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir Win32/SaveSense.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\Main\bin\SPTool.dll.vir Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\Main\bin\uninstall.exe.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe.vir Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPTool64.exe.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPVC32.dll.vir Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPVC64.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\SearchProtect\UI\bin\cltmngui.exe.vir Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\ToggleMarkBHO.dll.vir Variante von Win32/BrowseFox.O evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\ToggleMarkUninstall.exe.vir Win32/BrowseFox.C evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\updateToggleMark.exe.vir Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\ToggleMark.BrowserAdapter.exe.vir Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\ToggleMark.PurBrowse.exe.vir Variante von Win32/BrowseFox.J evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\ToggleMarkBAApp.dll.vir Win32/BrowseFox.N evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\utilToggleMark.exe.vir Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}.dll.vir Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.Bromon.dll.vir Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.BroStats.dll.vir Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.BrowserAdapterS.dll.vir möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.CompatibilityChecker.dll.vir Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.FFUpdate.dll.vir Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.IEUpdate.dll.vir Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.PurBrowseG.dll.vir Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\v04BlockAndSurf\175.dll.vir Variante von Win32/AdWare.AddLyrics.BH Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\v04BlockAndSurf\BlockAndSurf.exe.vir Variante von Win32/AdWare.AddLyrics.AR Anwendung
C:\AdwCleaner\Quarantine\C\Program Files\v04BlockAndSurf\v03BlockAndSurfgF175.dll.vir Variante von Win32/AdWare.AddLyrics.BB Anwendung
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsProtectManger\wprotectmanager.exe.vir Variante von Win32/ELEX.AM evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\AnyProtectScannerSetup.exe.vir Win32/AnyProtect.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\fst_de_80\upfst_de_80.exe.vir Variante von Win32/Adware.EoRezo.AJ Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\fst_de_80\Download\majfst.exe.vir Win32/AdWare.EoRezo.AW Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\fst_de_80\Download\majfst_gentlede.exe.vir Win32/AdWare.EoRezo.AW Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.26.232_0\extensionData\plugins\194.js.vir JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.26.232_0\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\lrrot.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Newtonsoft.Json.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Proxy.Lib.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\ProxySettings.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Common.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Communication.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Personalization.Common.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\sppsm.dll.vir Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\spusm.dll.vir Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srbs.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srbu.dll.vir Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\sreu.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srpdm.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srprl.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srpt.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srptc.dll.vir Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\LPT\srut.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\lrcnt.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\lrrot.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\NDde.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Proxy.Lib.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\ProxySettings.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sgml.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sidb.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\siem.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sipb.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sismlp.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Common.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Communication.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.unused.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\smta.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\smti.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\smtu.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\spbe.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\spbl.dll.vir Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sppsm.dll.vir Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\spsm.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\spusm.dll.vir Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srau.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srbhu.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srbs.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srbu.dll.vir Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sreu.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srgu.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srns.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srom.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srpdm.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srprl.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srpu.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srsbs.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srsbsau.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srsl.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\sruhs.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srus.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\srut.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Roaming\Betcat\dat\Desktop.OS.dll.vir Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Roaming\Betcat\dat\Paladin.dat.vir Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Roaming\OpenCandy\3BBC48CDF94747CB9BFA672595A34239\Installer.exe.vir Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir Win32/Systweak.G evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM\Messenger\update\sweetimsetup.exe Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2851647\uTorrentBar_DEAutoUpdateHelper.exe Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Anwendungsdaten\uTorrentBar_DE\ldrtbuTor.dll Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Anwendungsdaten\uTorrentBar_DE\tbuTor.dll Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Anwendungsdaten\uTorrentBar_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temp\mgsqlite3.7z Win32/SweetIM.K evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temp\Shortcut_VLCMediaPlayerSDM.exe Variante von Win32/SweetIM.C evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temp\tbedrs.dll Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temp\utt45.tmp.exe Variante von Win32/Toolbar.Conduit evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temp\4108845567\simboapp.exe Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0OD06RGI\dp[1].exe Win32/DealPly.D evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0OD06RGI\mgsqlite3[1].7z Win32/SweetIM.K evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\Max\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0OD06RGI\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\Extensions\ODNZSOUV80284234@YL43682704.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Local\nsg5DF1.tmp Win32/AnyProtect.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000001 Win32/AdWare.1ClickDownload.AT Anwendung
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/AdWare.1ClickDownload.AT Anwendung
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000 Variante von Win32/DomaIQ.BG evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Local\Temp\nsgA11.tmp Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Local\Temp\is-2M14D.tmp\package_togglemark_installer_multilang.exe Win32/AdWare.EoRezo.AW Anwendung
C:\Users\Max\AppData\Local\Temp\is-SA1QF.tmp\gentlemjfst_ide.exe Win32/AdWare.EoRezo.AW Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_20.dll Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_21.dll Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_22.dll Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_23.dll Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_24.dll Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_25.dll Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\pjlxmbu5.default\extensions\{99089bda-3282-9ab6-be5a-1a02db071208}\components\SmartbarFireFoxRemotePlugin_26.dll Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\Users\Max\Downloads\Freeplane - CHIP-Downloader.exe Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\Smartbar.Resources.LanguageSettings.resources.dll Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\spbl.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\sppsm.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\spusm.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\srbs.dll Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\srbu.dll Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI45A6.tmp-\srptc.dll Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung

cosinus · 31.08.2014, 14:38

Hattest du mal auf diesem Rechner ein XP drauf?

Den Ordner "Dokumente und Einstellungen" ging es nämlich so unter Win7 nicht mehr...

derhalma123 · 02.09.2014, 15:14

Jap, die Rechner kamen als Sammelbestellung ohne Betriebssystem, also haben wir xp draufgehabt und sind später auf win7 umgestiegen

31.08.2014, 14:38	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Google Chrome öffnet selbstständig Tabs und Fenster, auch wenn Browser geschlossen Hattest du mal auf diesem Rechner ein XP drauf? Den Ordner "Dokumente und Einstellungen" ging es nämlich so unter Win7 nicht mehr... __________________ Logfiles bitte immer in CODE-Tags posten

Google Chrome öffnet selbstständig Tabs und Fenster, auch wenn Browser geschlossen

Plagegeister aller Art und deren Bekämpfung: Google Chrome öffnet selbstständig Tabs und Fenster, auch wenn Browser geschlossen